|
@@ -1561,6 +1561,36 @@ options_transition_requires_fresh_tls_context(const or_options_t *old_options,
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
|
+/**
|
|
|
+ * Return true if changing the configuration from <b>old</b> to <b>new</b>
|
|
|
+ * affects the guard susbsystem.
|
|
|
+ */
|
|
|
+static int
|
|
|
+options_transition_affects_guards(const or_options_t *old,
|
|
|
+ const or_options_t *new)
|
|
|
+{
|
|
|
+ /* NOTE: Make sure this function stays in sync with
|
|
|
+ * entry_guards_set_filtered_flags */
|
|
|
+
|
|
|
+ tor_assert(old);
|
|
|
+ tor_assert(new);
|
|
|
+
|
|
|
+ return
|
|
|
+ (old->UseEntryGuards != new->UseEntryGuards ||
|
|
|
+ old->UseDeprecatedGuardAlgorithm != new->UseDeprecatedGuardAlgorithm ||
|
|
|
+ old->UseBridges != new->UseBridges ||
|
|
|
+ old->UseEntryGuards != new->UseEntryGuards ||
|
|
|
+ old->ClientUseIPv4 != new->ClientUseIPv4 ||
|
|
|
+ old->ClientUseIPv6 != new->ClientUseIPv6 ||
|
|
|
+ old->FascistFirewall != new->FascistFirewall ||
|
|
|
+ !routerset_equal(old->ExcludeNodes, new->ExcludeNodes) ||
|
|
|
+ !routerset_equal(old->EntryNodes, new->EntryNodes) ||
|
|
|
+ !smartlist_strings_eq(old->FirewallPorts, new->FirewallPorts) ||
|
|
|
+ !config_lines_eq(old->Bridges, new->Bridges) ||
|
|
|
+ !config_lines_eq(old->ReachableORAddresses, new->ReachableORAddresses) ||
|
|
|
+ !config_lines_eq(old->ReachableDirAddresses, new->ReachableDirAddresses));
|
|
|
+}
|
|
|
+
|
|
|
/** Fetch the active option list, and take actions based on it. All of the
|
|
|
* things we do should survive being done repeatedly. If present,
|
|
|
* <b>old_options</b> contains the previous value of the options.
|
|
@@ -1580,6 +1610,8 @@ options_act(const or_options_t *old_options)
|
|
|
const int transition_affects_workers =
|
|
|
old_options && options_transition_affects_workers(old_options, options);
|
|
|
int old_ewma_enabled;
|
|
|
+ const int transition_affects_guards =
|
|
|
+ old_options && options_transition_affects_guards(old_options, options);
|
|
|
|
|
|
/* disable ptrace and later, other basic debugging techniques */
|
|
|
{
|
|
@@ -1875,6 +1907,7 @@ options_act(const or_options_t *old_options)
|
|
|
if (old_options) {
|
|
|
int revise_trackexithosts = 0;
|
|
|
int revise_automap_entries = 0;
|
|
|
+ int abandon_circuits = 0;
|
|
|
if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
|
|
|
options->UseBridges != old_options->UseBridges ||
|
|
|
(options->UseBridges &&
|
|
@@ -1891,6 +1924,16 @@ options_act(const or_options_t *old_options)
|
|
|
"Changed to using entry guards or bridges, or changed "
|
|
|
"preferred or excluded node lists. "
|
|
|
"Abandoning previous circuits.");
|
|
|
+ abandon_circuits = 1;
|
|
|
+ }
|
|
|
+
|
|
|
+ if (transition_affects_guards) {
|
|
|
+ if (guards_update_all()) {
|
|
|
+ abandon_circuits = 1;
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ if (abandon_circuits) {
|
|
|
circuit_mark_all_unused_circs();
|
|
|
circuit_mark_all_dirty_circs_as_unusable();
|
|
|
revise_trackexithosts = 1;
|